Encryption for a stream file in an FPGA integrated circuit

ABSTRACT

A method and apparatus for encrypting a data stream used to program an FPGA device comprising determining if there is at least one gap in the data stream; determining whether encryption is enabled for the at least one gap in the data stream; and encrypting the data stream, if encryption is enabled for the at least one gap.  
     A method and apparatus for de-encrypting an encrypted data stream used to program an FPGA device comprising determining if there is at least one gap in the data stream; determining whether encryption was enabled for the at least one gap in the data stream; and de-encrypting the data stream, if encryption was enabled for the at least one gap.  
     It is emphasized that this abstract is provided to comply with the rules requiring an abstract that will allow a searcher or other reader to quickly ascertain the subject matter of the technical disclosure. It is submitted with the understanding that it will not be used to interpret or limit the scope or meaning of the claims.

BACKGROUND OF THE INVENTION

[0001] 1. Field of the Invention

[0002] The present invention relates to field programmable gate array(FPGA) integrated circuits. More particularly, the present inventionrelates to a method and apparatus for encrypting a data stream used toprogram an FPGA device.

[0003] 2. Background of the Invention

[0004] A field-programmable gate array (FPGA) is an integrated circuit(IC) that includes a two-dimensional array of general purpose logiccircuits, called cells or blocks, whose functions are programmable. Thecells are linked to one another by programmable buses. The cell typesmay be small multifunction circuits (or configurable functional blocksor groups) capable of realizing all Boolean functions of a fewvariables. The cell types are not restricted to gates. For example,configurable functional groups typically include memory cells andconnection transistors that may be used to configure logic functionssuch as addition, subtraction, etc., inside of the FPGA. A cell may alsocontain sequential elements such as flip-flops. Two types of logic cellsfound in FPGAs are those based on multiplexers and those based onprogrammable read only memory (PROM) table-lookup memories. ErasableFPGAs can be reprogrammed many times. This technology is especiallyconvenient when developing and debugging a prototype design for a newproduct and for manufacture.

[0005] FPGAs may typically include a physical template that includes anarray of circuits, sets of uncommitted routing interconnects, and setsof user programmable switches associated with both the circuits and therouting interconnects. When these switches are properly programmed (setto on or off states), the template or the underlying circuit andinterconnect of the FPGA is customized or configured to perform specificcustomized functions. By reprogramming the on-off states of theseswitches, an FPGA can perform many different functions. Once a specificconfiguration of an FPGA has been decided upon, it can be configured toperform that one specific function.

[0006] The user programmable switches in an FPGA can be implemented invarious technologies, such as ONO antifuse, M-M antifuse, SRAM memorycell, Flash EPROM memory cell, and EEPROM memory cell. FPGAs that employfuses or antifuses as switches can be programmed only once. A memorycell controlled switch implementation of an FPGA can be reprogrammedrepeatedly. In this scenario, a NMOS transistor may be used as theswitch to either connect or leave unconnected two selected points (A,B)in the circuit. The source and drain nodes of the transistor may beconnected to points A, B respectively, and its gate node may be directlyor indirectly connected to the memory cell. By setting the state of thememory cell to either logical “1” or “0”, the switch can be turned on oroff and thus point A and B are either connected or remain unconnected.Thus, the ability to program these switches provides for a very flexibledevice.

[0007] FPGAs may store the program that determines the circuit to beimplemented in a RAM or PROM on the FPGA chip. The pattern of the datain this configuration memory (CM) determines the cell's functions andtheir interconnection wiring. Each bit of CM controls a transistorswitch in the target circuit that can select some cell function or make(or break) some connection. By replacing the contents of CM, designerscan make design changes or correct design errors. The CM can bedownloaded from an external source or stored on-chip. This type of FPGAcan be reprogrammed repeatedly, which significantly reduces developmentand manufacturing costs.

[0008] Design software may be used to program the FPGA. The designsoftware may compile a specific configuration of the programmableswitches desired by the end-user, into FPGA configuration data. Thedesign software assembles the configuration data into a bit stream,i.e., a stream of ones and zeros, that is fed into the FPGA and used toprogram the configuration memories for the programmable switches. Thebit stream is the data-pattern to be loaded into the CM that determineswhether each memory cell stores a “1” or “0”. The stored bit in each CMcontrols whether its associated transistor switch is turned on or off.End users typically use software to create the bit stream after theysimulated, tested the design for the FPGA.

[0009] Referring to the flow chart of FIG. 1, a designer or end userprograms an FPGA 100. The design software assembles the configurationdata into a data stream 110. This act may also be performed by softwarepersonnel. The data stream may be stored on a source external to theFPGA 120. On start up, the external source sends the data stream to theFPGA 130. Once in the FPGA, the data stream configures the RAM or PROMwithin the FPGA.

[0010] In a FPGA that uses a data stream that is downloaded from anexternal source, a person may be able to intercept the data stream as itis being loaded onto the FPGA, between acts 120 and 130 of FIG. 1. Thismay allow such a person to reverse engineer the IC if he or she is ableto read the data stream.

BRIEF DESCRIPTION OF THE INVENTION

[0011] The present invention is directed towards a method and apparatusfor encrypting a data stream used to program an FPGA device comprisingdetermining if there is at least one gap in the data stream; determiningwhether encryption is enabled for the at least one gap in the datastream; and encrypting the data stream, if encryption is enabled for theat least one gap.

[0012] The present invention is also directed towards a method andapparatus for de-encrypting an encrypted data stream used to program anFPGA device comprising determining if there is at least one gap in thedata stream; determining whether encryption was enabled for the at leastone gap in the data stream; and de-encrypting the data stream, ifencryption was enabled for the at least one gap.

BRIEF DESCRIPTION OF THE DRAWING FIGURES

[0013]FIG. 1 is a flow chart showing the prior art.

[0014]FIG. 2 is a flow chart showing one embodiment of the disclosedsystem.

[0015]FIG. 3 is a flow chart showing one embodiment of the disclosedsystem.

[0016]FIG. 4 is a flow chart showing one embodiment of the disclosedsystem.

DETAILED DESCRIPTION OF THE INVENTION

[0017] Those of ordinary skill in the art will realize that thefollowing description of the present invention is illustrative only andnot in any way limiting. Other embodiments of the invention will readilysuggest themselves to such skilled persons.

[0018]FIG. 2 refers to a flow chart describing one embodiment of thedisclosed method. In the first act 200 a designer or user programs anFPGA 200. The design software assembles the configuration data into adata stream 210. The design software may inquire as to whether thedesigner or the user wishes to have the data stream encrypted. If thedesigner or user wants the data stream to be encrypted, then he or shemay select the option for encryption at act 220. The data stream isencrypted at act 230. This act 230 may also be performed by softwarepersonnel. The data stream may be stored on a source external to theFPGA 240. The external data source may be a PROM, CPU or any othermemory device. On start-up, the external source sends the data stream tothe FPGA 250. The FPGA may de-encrypt the data stream prior toconfiguring the RAM or PROM 260. Once de-encrypted, the data streamconfigures the RAM or PROM within the FPGA 270. The RAM associated witheach programmable transistor on the FPGA may also be referred to as RAMCELLS.

[0019] In many systems, the data stream is loaded into CM which isaddressed by X and Y address lines running horizontally and vertically.During the configuration, the data stream bits are loaded sequentiallycolumn (Y) by column (Y). Within one column, it is loaded bit by bitfrom the top to the bottom (stepping through all the rows or X's). Someintersections of X and Y lines or addresses may have no physical CM bitssince those locations may be used by logic modules or other components.Although there may be locations with no data stream bits on the FPGAdevice, the data stream still contains data in the form of 1's or 0'scorresponding to those empty locations.

[0020] Consecutive empty locations in the addressing space may bereferred to as a “GAP”. The stream data inside the gap is not written tothe CM and therefore has no effect on the functionality of theconfigured FPGA. An address decoder may signal the beginning and alsothe end of such a gap. At the end of the gap, the integrity of theconfiguration data loaded up to this point may be checked by an on-chip16 bit Cyclic Redundancy Check (CRC) circuit. In another embodiment ofthe disclosed system that uses a 16 bit CRC, the minimum gap size may be17 bits. The first bit inside the gap may be the “Encryption Enable”bit. If the Encryption Enable bit is set, then the subsequent section ofthe data stream will be encrypted. The section may be defined as all thebits after the Encryption Enable Bit up to the beginning of the nextgap. However, the sections may be defined in other ways. If encryptionis enabled, every eighth (8th) bit may be complemented (changed from a“1” to a “0” and from a “0” to a “1”). It is not necessary that only the8^(th) bit be complemented, other bits may be complemented, randompatterns or un-random patterns of data may be inserted in the datastream gaps. If the encrypted data stream is loaded into the CM of theFPGA, the FPGA may not function correctly. Thus the data stream may bede-encrypted prior to entering the CM but after entering the FPGAdevice. The encryption can be optionally set to “on” or “off” for eachsection, thus for a particular design, with a different on/off settingthe data stream file can appear very different, thereby making reverseengineering more difficult.

[0021] Referring to FIG. 3, an illustration of one embodiment of thesystem is shown. The system receives the data stream at act 310. Thesystem determines whether it has received the start of a gap at query320. In one embodiment of the disclosed system a gap may be as small 2bits. In an other embodiment of the disclosed system, a gap may be atleast 17 bits in length upwards to at least 64 bits in length. Theminimum of 17 bits may be due to the use of a 16 bit CRC. The systemthen determines whether encryption has been enabled for that gap atquery 330. If encryption has been enabled, the system then complementsevery 8^(th) bit until the beginning of the next gap at act 340. Thesystem performs this method until it determines that it has reached theend of the data stream at query 350.

[0022] Referring to FIG. 4, an other embodiment of the disclosed methodis shown. The FPGA receives the encrypted data stream from the externalsource at act 410. The system then determines if it has received thestart of a gap at query 420. If the system determines it has receivedthe start of a gap, then the system determines whether the encryptionwas enabled at query 430. If the encryption was enabled, the systemcomplements every 8^(th) bit (or other n^(th) bit if a number other than8 was used) until the beginning of the next gap at act 440. Act 440 ineffect de-encrypts the data stream. The system then determines whetherit has received the end of the data stream at query 450. If the systemdetermines that it has received the end of the data stream, then thesystem configures the RAM and/or PROM of the FPGA with the de-encrypteddata stream at act 460.

[0023] In another embodiment of the present invention, portions of thedata stream may be compressed and other portions of the data stream maybe encrypted, thereby further altering the data stream and thushindering those who may attempt to reverse engineer the data stream.

[0024] In another embodiment of the present invention, random bits maybe inserted into the gaps of the data stream to further hinder those whomay wish to reverse engineer the data stream.

[0025] While embodiments and applications of this invention have beenshown and described, it would be apparent to those skilled in the artthat many more modifications than mentioned above are possible withoutdeparting from the inventive concepts herein. The invention, therefore,is not to be restricted except in the spirit of the appended claims.Although the claims refer to sending the data stream to RAM CELLS on theFPGA, those skilled in the art are aware that the disclosed system alsoapplies to those devices with other memory devices located in the FPGA,including without limitation PROMs.

What is claimed is:
 1. A method for encrypting a data stream used toprogram an FPGA device comprising: determining if there is at least onegap in the data stream; determining whether encryption is enabled forsaid at least one gap in the data stream; and encrypting said datastream, if encryption is enabled for said at least one gap.
 2. Themethod of claim 1 wherein said act of encrypting said data streamfurther comprises complementing every eighth bit of said data streamuntil the beginning of a next at least one gap.
 3. The method of claim1, further comprising: receiving said data stream by said FPGA device;determining if there is at least one gap in the data stream;de-encrypting said data stream, if encryption is enabled for said atleast one gap; and sending said data stream to a plurality of RAM cellsin the FPGA device.
 4. The method of claim 3, wherein said act ofde-encrypting said data stream comprises: complementing every eighth bitof said data stream until the beginning of a next at least one gap. 5.The method of claim 1, wherein at least one gap is not encrypted, andsaid non-encrypted gap is compressed.
 6. The method of claim 1, whereinfor at least one gap, a continuous segment of said gap is encrypted andanother continuous segment of said gap is compressed.
 7. The method ofclaim 1, wherein random bits are inserted into said at least one gap. 8.The method of claim 1, wherein non-random bits are inserted into said atleast one gap.
 9. A method for de-encrypting an encrypted data streamused to program an FPGA device comprising: determining if there is atleast one gap in the data stream; determining whether encryption wasenabled for said at least one gap in the data stream; and de-encryptingsaid data stream, if encryption was enabled for said at least one gap.10. A program storage device readable by a machine, tangibly embodying aprogram of instructions executable by the machine to perform a methodfor encrypting a data stream used to program an FPGA device, said methodcomprising: determining if there is at least one gap in the data stream;determining whether encryption is enabled for said at least one gap inthe data stream; and encrypting said data stream, if encryption isenabled for said at least one gap.
 11. The program storage device ofclaim 10, wherein said act of encrypting said data stream furthercomprises complementing every eighth bit of said data stream until thebeginning of a next at least one gap.
 12. The program storage device ofclaim 10, wherein said method for encrypting a data stream furthercomprises: receiving said data stream by said FPGA device; determiningif there is at least one gap in the data stream; de-encrypting said datastream, if encryption is enabled for said at least one gap; and sendingsaid data stream to a plurality of RAM cells in the FPGA device.
 13. Theprogram storage device of claim 12, wherein said act of de-encryptingsaid data stream comprises: complementing every eighth bit of said datastream until the beginning of a next at least one gap.
 14. The programstorage device of claim 10, wherein said method for encrypting a datastream further comprises the following act: wherein at least one gap isnot encrypted, and said non-encrypted gap is compressed.
 15. The programstorage device of claim 10, wherein said method for encrypting a datastream further comprises the following act: wherein for at least onegap, a continuous segment of said gap is encrypted and anothercontinuous segment of said gap is compressed.
 16. The program storagedevice of claim 10, wherein said method for encrypting a data streamfurther comprises the following act: wherein random bits are insertedinto said at least one gap prior to encryption.
 17. The program storagedevice of claim 10, wherein said method for encrypting a data streamfurther comprises the following act: wherein non-random bits areinserted into said at least one gap prior to encryption.
 18. A programstorage device readable by a machine, tangibly embodying a program ofinstructions executable by the machine to perform a method forde-encrypting an encrypted data stream used to program an FPGA device,said method comprising: determining if there is at least one gap in thedata stream; determining whether encryption was enabled for said atleast one gap in the data stream; and de-encrypting said data stream, ifencryption was enabled for said at least one gap.
 19. An apparatus forencrypting a data stream used to program an FPGA device, said apparatuscomprising: means for determining if there is at least one gap in saiddata stream; means for determining whether encryption is enabled forsaid at least one gap in the data stream; and means for encrypting saiddata stream, if encryption is enabled for said at least one gap.
 20. Theapparatus of claim 19, wherein said means of encrypting furthercomprises means for complementing every eighth bit of said data streamuntil the beginning of a next at least one gap.
 21. The apparatus ofclaim 19, further comprising: means for receiving said data stream bysaid FPGA device; means for determining if there is at least one gap inthe data stream; means for de-encrypting said data stream, if encryptionis enabled for said at least one gap; and means for sending said datastream to a plurality of RAM cells in the FPGA device.
 22. The apparatusof claim 21, wherein said means for de-encrypting further comprisesmeans for complementing every eighth bit of said data stream until thebeginning of a next at least one gap.
 23. The apparatus of claim 19,further comprising a means for compressing at least one non-encryptedgap.
 24. The apparatus of claim 19, further comprising a means forencrypting a continuous segment of said gap, and a means for compressinganother continuous segment of said gap.
 25. The apparatus of claim 19,further comprising a means for inserting random bits into at least onesaid gap prior to encryption.
 24. The apparatus of claim 19, furthercomprising a means for inserting non-random bits into at least one saidgap prior to encryption.
 9. An apparatus for de-encrypting an encrypteddata stream used to program an FPGA device, said apparatus comprising:means for determining if there is at least one gap in the data stream;means for determining whether encryption was enabled for said at leastone gap in the data stream; and means for de-encrypting said datastream, if encryption was enabled for said at least one gap.